Anyone using IoT (Internet of Things) sensors in their facilities?
Close
Login to Your Account
Results 1 to 18 of 18
  1. #1
    Join Date
    Oct 2010
    Location
    Portland, OR
    Posts
    704
    Post Thanks / Like
    Likes (Given)
    136
    Likes (Received)
    248

    Default Anyone using IoT (Internet of Things) sensors in their facilities?

    Would like to know if anyone is using IoT sensors to provide information and/or notifications of events (ideally on the shop floor). These would be things like temperature, pressure, open/closed/, movement, etc. sensors that can alert via text of email. If you don't mind, provide information on what is being sensed, how it's being "passed on" (via event notification, into a database, etc.) and some opinion on how useful the information is.

    Just FYI, I'm on a project (sounds like it's gov sponsored) to help promote this and some other technologies. Please note that I'm am NOT a proponent of technology just because it's out there and available, IMO it has to have a proven usefulness. I'm a firm believer in "just because you can, doesn't mean you should". However, this stuff is "cheap and easy" if you have a needed application. I've been playing around with Monnit's stuff, the only issue thus far is that they can't ship very fast (isn't that ironic for an IT company!).

    Thanks,
    The Dude

  2. #2
    Join Date
    Mar 2011
    Location
    Denver, CO USA
    Posts
    10,212
    Post Thanks / Like
    Likes (Given)
    58
    Likes (Received)
    5694

    Default

    I down checked a bunch of this type of equipment for security reasons.
    Thermostat on my home...OK.
    Process temperature sensor on a chemical plant...no way.
    Not for process control anyway.

    The stuxnet attack worked by spoofing speed on the Iranian centrifuges...and that was hardwired.

  3. Likes The Dude liked this post
  4. #3
    Join Date
    Dec 2016
    Country
    UNITED STATES
    State/Province
    California
    Posts
    139
    Post Thanks / Like
    Likes (Given)
    21
    Likes (Received)
    36

    Default

    Not at work but I just picked up a Particle Photon from SparkFun. I'm going to work on setting it up with a microphone to listen for the dryer buzzer and send my wife an email/text saying "clothes are dry".

    The question now isn't so much collection of data (that part is getting stupid easy) but what you do with it when you have it.

  5. Likes Oldwrench, The Dude liked this post
  6. #4
    Join Date
    May 2009
    Country
    UNITED STATES
    State/Province
    Wyoming
    Posts
    3,156
    Post Thanks / Like
    Likes (Given)
    7533
    Likes (Received)
    5077

    Default

    I especially want a turning center to email me on vacation telling me its chuck didn't close...

  7. #5
    Join Date
    Oct 2010
    Location
    Portland, OR
    Posts
    704
    Post Thanks / Like
    Likes (Given)
    136
    Likes (Received)
    248

    Default

    Quote Originally Posted by Miguels244 View Post
    The stuxnet attack worked by spoofing speed on the Iranian centrifuges...and that was hardwired.
    Yeah, I totally get it. But how about this: Is there anything you know about using IoT devices that make it any "worse" than having simple WIFI in your facility, or even just connected to the internet (wired Ethernet, like the centrifuges likely were)? Or even just a smartphone in your facility? These days, you pretty much have to not have ANYTHING connected to the internet to be fully cyber secured, agreed? Even if you weren't connected to the internet but had data on a PC, someone could come in and just steal it, right? I've been using on-line banking for years and have never had money stolen via that route but have had my mail stole twice (now have a locking mailbox).

    Quote Originally Posted by Triaged View Post
    Not at work but I just picked up a Particle Photon from SparkFun. I'm going to work on setting it up with a microphone to listen for the dryer buzzer and send my wife an email/text saying "clothes are dry".

    The question now isn't so much collection of data (that part is getting stupid easy) but what you do with it when you have it.
    If the stuff you're using won't work, Monnit makes both temp and noise sensors. I got a temp sensor installed and the issue I have is that it continually alerts at the temp threshold, hopefully there's a way to make this just a one-time alert on a temp change/noise change (haven't looked into it yet).

    I'm 100% with your "what do you do with it?" concern. That was "secretly" why I asked the question, to see if there was anything truly justifiable. Bottom line: I'm "bunk" on a lot of technology "alerts". For just about everything I've seen, there's either too much info being processes (e.g. "door bell" ringer, news alerts on your phone) or a better means of dealing with the issue (i.e. fix the problem instead of being alerted by it).

    Thanks all,
    The Dude

  8. #6
    Join Date
    Mar 2011
    Location
    Denver, CO USA
    Posts
    10,212
    Post Thanks / Like
    Likes (Given)
    58
    Likes (Received)
    5694

    Default

    Quote Originally Posted by The Dude View Post
    Yeah, I totally get it. But how about this: Is there anything you know about using IoT devices that make it any "worse" than having simple WIFI in your facility, or even just connected to the internet (wired Ethernet, like the centrifuges likely were)? Or even just a smartphone in your facility? These days, you pretty much have to not have ANYTHING connected to the internet to be fully cyber secured, agreed? Even if you weren't connected to the internet but had data on a PC, someone could come in and just steal it, right? I've been using on-line banking for years and have never had money stolen via that route but have had my mail stole twice (now have a locking mailbox

    Thanks all,
    The Dude
    The Iranian facility was not on the internet. Styx net was delivered by usb to a laptop. That lap top was then used on the internal network.
    I’ve been in industrial parks where the guest WiFi was bridged to the industrial net.
    We had a sales man with an infected laptop plug in to our net and reinfect everything only an hour after IT has quarenteened the facility.
    It took almost three days to clean up the damage.
    I’ve seen industrial WiFi nets with the default password still in place.
    There’s a cultural disdain for security in many places.
    The controls engineers resent bein beholden to IT.
    And since they are competent, often they just hack in instead.


    The only way I’ve ever felt “safe” was using MAC address permissions.
    Encrypted traffic would be nice, but many devices don’t have the capability.
    Individual passwords for each device would be good, but managing the list is, itself, a security risk.

  9. #7
    Join Date
    Nov 2018
    Country
    UNITED STATES
    State/Province
    Michigan
    Posts
    176
    Post Thanks / Like
    Likes (Given)
    78
    Likes (Received)
    99

    Default

    Quote Originally Posted by Miguels244 View Post
    The only way I’ve ever felt “safe” was using MAC address permissions.
    Encrypted traffic would be nice, but many devices don’t have the capability.
    Individual passwords for each device would be good, but managing the list is, itself, a security risk.
    A buddy of mine is an IT security specialist, and his currently accepted best practice is to have individual passwords for all services, managed by a single password vault with multi-step authentication (e.g. a password and a text message code). The twist comes from the fact that nobody knows the actual cell phone number, except for a third-party call forwarding service which maintains any number (up to 9 I think) of "public" phone numbers that can be given out freely and forwards all calls, texts, etc. to the real number.

  10. #8
    Join Date
    Mar 2011
    Location
    Denver, CO USA
    Posts
    10,212
    Post Thanks / Like
    Likes (Given)
    58
    Likes (Received)
    5694

    Default

    Quote Originally Posted by BoxcarPete View Post
    A buddy of mine is an IT security specialist, and his currently accepted best practice is to have individual passwords for all services, managed by a single password vault with multi-step authentication (e.g. a password and a text message code). The twist comes from the fact that nobody knows the actual cell phone number, except for a third-party call forwarding service which maintains any number (up to 9 I think) of "public" phone numbers that can be given out freely and forwards all calls, texts, etc. to the real number.
    Which is fine until the controls guy ends up with a dead phone or the service goes down.

    Still, I’ll look into it, thanks.

  11. Likes adama liked this post
  12. #9
    Join Date
    Sep 2008
    Country
    CANADA
    State/Province
    Ontario
    Posts
    295
    Post Thanks / Like
    Likes (Given)
    144
    Likes (Received)
    174

    Default

    Quote Originally Posted by The Dude View Post
    Yeah, I totally get it. But how about this: Is there anything you know about using IoT devices that make it any "worse" than having simple WIFI in your facility, or even just connected to the internet (wired Ethernet, like the centrifuges likely were)? Or even just a smartphone in your facility? These days, you pretty much have to not have ANYTHING connected to the internet to be fully cyber secured, agreed? Even if you weren't connected to the internet but had data on a PC, someone could come in and just steal it, right? I've been using on-line banking for years and have never had money stolen via that route but have had my mail stole twice (now have a locking mailbox).
    A significant difference between IOT and industrial controls, general computers and servers, is that computers and servers actually have their software updated for security issues. Embedded systems tend not to. Older Android phones, consumer WIFI routers, etc are in that group. From what I've seen in industry, once a piece of machinery get built, it will run that type of electronics for its entire life. Who is writing security updates for 10+ year old industrial controls that have ethernet on them?

    Quote Originally Posted by The Dude View Post

    If the stuff you're using won't work, Monnit makes both temp and noise sensors. I got a temp sensor installed and the issue I have is that it continually alerts at the temp threshold, hopefully there's a way to make this just a one-time alert on a temp change/noise change (haven't looked into it yet).
    My experience with industrial stuff, is that sensors expect to feed messages into an OPC network, SCADA, or PLC. The messages are regular so the control still knows the status, and then the control is responsible for the one shot messages.

    I haven't worked with any "IOT" stuff, so I don't know if it is really any different from other industrial networks, or if it is (existing industrial stuff + hype) = IOT.

  13. #10
    Join Date
    Mar 2011
    Location
    Denver, CO USA
    Posts
    10,212
    Post Thanks / Like
    Likes (Given)
    58
    Likes (Received)
    5694

    Default

    Quote Originally Posted by adamm View Post
    A significant difference between IOT and industrial controls, general computers and servers, is that computers and servers actually have their software updated for security issues. Embedded systems tend not to. Older Android phones, consumer WIFI routers, etc are in that group. From what I've seen in industry, once a piece of machinery get built, it will run that type of electronics for its entire life. Who is writing security updates for 10+ year old industrial controls that have ethernet on them?



    My experience with industrial stuff, is that sensors expect to feed messages into an OPC network, SCADA, or PLC. The messages are regular so the control still knows the status, and then the control is responsible for the one shot messages.

    I haven't worked with any "IOT" stuff, so I don't know if it is really any different from other industrial networks, or if it is (existing industrial stuff + hype) = IOT.
    Even if those updates are written there’s a serious aversion to rolling them out.
    Having a line go down due to an update is a “bad thing”.

  14. #11
    Join Date
    Sep 2008
    Country
    CANADA
    State/Province
    Ontario
    Posts
    295
    Post Thanks / Like
    Likes (Given)
    144
    Likes (Received)
    174

    Default

    Quote Originally Posted by Miguels244 View Post
    Even if those updates are written there’s a serious aversion to rolling them out.
    Having a line go down due to an update is a “bad thing”.
    Indeed, it is a chicken and egg thing. No one updates because there are no updates available. No updates are available because no one would install them. (Or at least they don't care about the availability to upgrade to make purchasing decisions based on that availability)

  15. #12
    Join Date
    Dec 2004
    Location
    uk
    Posts
    14,058
    Post Thanks / Like
    Likes (Given)
    4552
    Likes (Received)
    6696

    Default

    I have a long planned project here at home i kinda want to roll this stuff into, want to actively measure air quality, CO2 levels and humidity inside and out to control my heat recovery ventilator and also control the storage heating part of my heating off this info and a online weather forecast, by knowing what tomorrow brings it should be pretty dang simple to then buy electric at a cheaper off peak time and store it as heat for use later, equally dropping air exchange rates if the airs good and temperatures less than ideal should offer some not insignificant savings in time too. I think there's some serious potential to make stuff a lot more of a system with this stuff rather than a bunch of dumb separate items.



    Sure security is a issue with all of these. That said, i kinda doubt the American or Israel or "*******.com" is going to over speed me washing machine because me whites are too white! My understanding of the stutnex code is that someone must have spent some serious coin on making it and testing it + the knowledge of what and how, hence it seams a bit outside a sad kid in there bedroom attack, Guess im just not paranoid enough!!

  16. #13
    Join Date
    Nov 2008
    Location
    Madera county california usa
    Posts
    2,365
    Post Thanks / Like
    Likes (Given)
    20
    Likes (Received)
    580

    Default

    This is nothing new.

    SCADA and other control systems have been in use for years.

    Using internet is just a user deployable system that allows anyone to use it.

    We have interfaced cloud seeders and potato chip factories and security not problem as it was closed system.

    Simple telemetry is easy enough as it is one way usually but adding control requires security to avoid stupid things.

    Firewalls can help.

    Sent from my SAMSUNG-SM-G930A using Tapatalk

  17. #14
    Join Date
    Dec 2004
    Location
    uk
    Posts
    14,058
    Post Thanks / Like
    Likes (Given)
    4552
    Likes (Received)
    6696

    Default

    ^ IMHO honestly half of what makes the IOT thing good is that it is connected to the world, to not make use of that is kinda ignoring one of its key strengths - capabilities.

  18. #15
    Join Date
    Mar 2011
    Location
    Denver, CO USA
    Posts
    10,212
    Post Thanks / Like
    Likes (Given)
    58
    Likes (Received)
    5694

    Default

    Quote Originally Posted by adama View Post
    I have a long planned project here at home i kinda want to roll this stuff into, want to actively measure air quality, CO2 levels and humidity inside and out to control my heat recovery ventilator and also control the storage heating part of my heating off this info and a online weather forecast, by knowing what tomorrow brings it should be pretty dang simple to then buy electric at a cheaper off peak time and store it as heat for use later, equally dropping air exchange rates if the airs good and temperatures less than ideal should offer some not insignificant savings in time too. I think there's some serious potential to make stuff a lot more of a system with this stuff rather than a bunch of dumb separate items.



    Sure security is a issue with all of these. That said, i kinda doubt the American or Israel or "*******.com" is going to over speed me washing machine because me whites are too white! My understanding of the stutnex code is that someone must have spent some serious coin on making it and testing it + the knowledge of what and how, hence it seams a bit outside a sad kid in there bedroom attack, Guess im just not paranoid enough!!
    I don’t really care about home use.
    Industrial use is different.
    Just be aware...if you can monitor it so can other people.

  19. #16
    Join Date
    Dec 2004
    Location
    uk
    Posts
    14,058
    Post Thanks / Like
    Likes (Given)
    4552
    Likes (Received)
    6696

    Default

    Sure, thats the thing about the whole IOT thing, everything you use it on is then a vulnerability.

    I don't to a degree see the difference between home and industrial use though, the risks security wise are the same. Its just what its controlling and how many people that can effect from the individuals stand point a IOT hack at home can be just as bad as one at work. Each controlled thing has a security risk too it, if your controlling shit that could go seriously wrong in a bad way you have to take the security side a lot more seriously than something more mundane. Seperate networks helps there but there never as isolated as a lot of people like to think they are. Theres lots of way people jump the gaps, sure its a great first step, but you have to realise a serious enemy is still going to be able to attack your network if the rewards to them are great enough.

    The whole area of digital security is becoming ever more complex though. Ever more attack vectors are nearly daily being found. Thats were hard wired connections buy you some degree of increased security, but with ever increasing use of digital controls, theirs still vulnerabilities, most household and ever more industrial stuff of all descriptions runs based on programmed code, in micro controllers of all sorts, ranging from simple chips on upto seriously powerful PC level on board computing, not circuit level hard wired logic of the 1980's, this alone is a vast potential exploit.

  20. #17
    Join Date
    Mar 2011
    Location
    Denver, CO USA
    Posts
    10,212
    Post Thanks / Like
    Likes (Given)
    58
    Likes (Received)
    5694

    Default

    Don’t overlook the fact that every device on the network is a potential weak point. Hack a sensor with weak security and you can work your way up the chain.

  21. #18
    Join Date
    Mar 2017
    Country
    LATVIA
    Posts
    253
    Post Thanks / Like
    Likes (Given)
    67
    Likes (Received)
    136

    Default

    my "issue" with IoT stuff is that they seem to be pushing the design of those devices to use some centralized data hub, which is free now of course, but will it be in 5 years? will even the company that made the thing be here in 5 years?

    the whole concept to me looks like some government handout program with a loud slogan like - "we create new high tech jobs", "technologies of tomorrow for today", something along those lines, and larger companies just spending that money, because they can get it, and I say this because you already can "connect" anything you want to the internet, have it collect any data you want, broadcast, etc, and you can do this with hardware that costs less that 5$, I mean it, I made a device that would monitor few gas pressures, and if something isn't within user set range, it would email to user set email addresses, smtp for mail was external service, but the whole code took up like 15kb of 32kb available storage on the microcontroller, oh, it had a simple web server as well, you could open the devices ip in web browser and see live pressure data that it collected, and I'm no electronics guru even, I know my way around a few program languages and electronics, but that is all self taught stuff, so the people working in this industry had everything they needed to connect an electric tea kettle or kitchen sink to the internet quite a while ago

    so I just don't see why they needed to invent this "IoT", when the ability and hardware was here a decade ago at next to nothing cost

    I see that they'd want this to evolve into not just monitoring, but control side of things over time, but I believe that is a very very dangerous path to take, like self driving vehicles now on public roads as they are today

  22. Likes zsinstruments liked this post

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •